
In a bid to enhance productivity, meet regulatory requirements and retain their competitive edge, organizations that have embraced security technologies to protect their information assets are coming to appreciate that there is more to it than the application of technology. Information is vital and constitutes a valuable asset of your company, hence the need to protect its confidentiality, integrity and availability. Information security concerns as well as legal and regulatory compliance issues have always been a major challenge to most organizations. Increased complexity, speed, inter-connectivity, new standards of managing information systems and the need to meet global standards have further compounded these challenges. Phillips Consulting Limited presents a complete suite of Information Security Consulting Services, enabling you to take informed decisions to safeguard your information assets as well as resolve Information Security challenges.
Our Information Security Consulting Services include:
Information Security Audits and Reviews (COBIT, ISO 17799 & Industry specific regulatory compliance)
This intervention comprises asset profiling, risk assessment of your entire IT infrastructure (architecture, processes, etc.) and a review of existing security policies and procedures in line with best practice standards. We then present a report that includes a recommended Security Roadmap or Blueprint to address identified tasks, timelines and resource assignments.
Vulnerability Assessments and Penetration Tests
This intervention begins with information asset profiling, leading to detailed technical tests conducted within your network perimeter using the OSSTMM methodology. Ethical hacking attempts are simultaneously carried out to penetrate your network perimeter through external interfaces with the objective of determining how vulnerable you are to external attacks.
ISO 27001 Information Security Management System Certification
We utilise an asset-based risk management approach to plan, design and implement a comprehensive Information Security Management System (ISMS) following the Plan-Do-Check-Act (PDCA) model. The ISMS is eventually certified after a series of assessments and audits (in line with the 11 security domains and selected controls out of the 133 prescribed control objectives) to comply with the internationally recognised and much sought-after ISO 27001:2005 ISMS certification standard.
Information Security Policies & Procedures Development
Information security policies & procedures are developed and documented as part of the foundation of your information security strategy. The developed policies are then communicated across your organisation using our tested and robust Training, Education and Awareness (TEA) methodology. This ensures that every aspect of the security chain is adequately addressed.
Business Continuity Management
A comprehensive and robust Business Continuity Plan (BCP) and/or Disaster Recovery Plan (DRP) with a viable continuity and recovery strategy is developed from a business impact analysis and risk assessment exercise. The plan is then tested after the recommended recovery solutions have been implemented.
IT and Information Security Governance Framework Development
The COBIT framework is used in the optimisation of IT organisational structures, policies, procedures, standards and guidelines to deliver value, align the strategy with the company’s business strategy and measure the IT group’s performance relative to defined strategies and goals.